1

I am from India and I am trying to host my music server (Navidrome) behind a Nginx proxy server from my Raspberry Pi.

The music server works absolutely fine on LAN (have been using it for a while now). Now I want to have internet access to it.

I've setup virtual server on my router to initially forward 4533 on external IP to my Raspberry Pi‘s port 4533 (which hosts the music server). 192.168.1.42 is the static IP that I’ve given to Raspberry Pi. After failing, I also setup Nginx reverse proxy using this Reddit post and now am forwarding port 80 as well to 80 and 4533 on Raspberry Pi.

1st pic is my router config:

external ip page

2nd pic is what I get when I go to my external IP at port 80:

router config

What confuses me is that I don't have a MikroTik router (I have a Digisol router) yet it directs me to a MikroTik router OS configuration page for port 80 and not connecting for any other port.

Somewhere I read that this might be a sign of double NAT and to check so using traceroute. To check if the 1st 2 hops are private or public.

My 1st hop is from my gateway 192.168.1.1 and the 2nd hop is my public IP address.

Also I checked open ports for my router by nmap -p4533 192.168.1.1 and my external IP and both tell me the port is closed.

What else can I try?

Note: All services work on LAN flawlessly - Navidrome, SyncThing, Transmission, JellyFin and Nginx now (I know a lot of services for a 1GB Raspberry PI 3B).

Edit: This is my WAN IPv4 info on my router.

The default gateway and secondary IP address are different from my external IO but have the same 1st byte i.e. till the 1st :

x:*:*:* both ip and my ip have same x - (3 digit number)

WAN info on router:

WAN info on router

Improve this question
3
  • 2
    What "WAN" or "External" address does your Digisol router show in its Status page? Commented Jan 6, 2024 at 12:48
  • ...also, why did you call the 1st picture "My router config"? That is, how exactly did you arrive at that Mikrotik login page? Commented Jan 6, 2024 at 13:24
  • Oh sorry the 1st pic is of my external ip i.e what i get when i type external_ip:80 or just external_ip into my browser. The 2nd pic is my router config which i get for 192.168.1.1 which is my local gateway. Commented Jan 6, 2024 at 17:49

1 Answer 1

Reset to default
0

Your Digisol router reports its "WAN" IP address as 172.16.x.x (a private IP address), is what really indicates two levels of NAT happening. More importantly, it indicates CGNAT – i.e. NAT done by your ISP and outside of your control.

If you're lucky this could be 1:1 NAT, which would still allow your services to be accessible from Internet – just not from inside. (Even without CGNAT or two levels of NAT in general, it is nevertheless quite common that you cannot access your own IP address from the inside, due to the way NAT functions, so it's not a new problem; people work around it using split-view DNS and similar.)

But most likely it's the "usual" 1:many NAT, in which case your server will never be reachable from the Internet… unless you can get your ISP to set up a dedicated IP address for you. Some ISPs offer that service on request (with or without additional payment).

If the ISP does not help you, the only remaining alternative is to use an external relay that works through an outbound connection to the relay server; for example, rent a VPS that runs the Nginx reverse proxy, which your Raspberry Pi maintains an active VPN connection to. Some CDN providers offer a similar service (I remember CloudFlare has 'cloudflared' aka Argo Tunnel; there's Ngrok; and there are probably a few others).

The default gateway and secondary IP address are different from my external IO but have the same 1st byte i.e. till the 1st

That's irrelevant; the "secondary IP address" is just an address of your DNS resolver and has nothing to do with your Internet connection as a whole (and is indeed completely normal for it to be different from your own external IP address and different from your gateway address).

Having the same 1st byte also means absolutely nothing (unless the addresses are in a /8 network which is exceedingly rare); e.g. there are many thousands of IPv4 networks that have "192" as the 1st octet.

Improve this answer
1
  • ;-; i knew this was most likely the case. Though i had some hope as someone somewhere gave a method to check whether i am in a double NAT scenario and it went like this - traceroute to some service and check the routes. There my first hop is my router 192.168.1.1 and then my external ip immediately. So i was thinking there might be some solution. Anyways how does this happen in my case if i am in a double nat situation? Commented Jan 6, 2024 at 20:19

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.